From 9f34e2265b3f94216da90a15fd1c20cafbd71456 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Micha=C5=82=20=27Wolvverine=27=20Panasiewicz?= Date: Thu, 12 Mar 2009 11:51:11 +0000 Subject: [PATCH] - bug #6155 in 3.3.1 Changed files: samba-force-group.patch -> 1.1 --- samba-force-group.patch | 83 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) create mode 100644 samba-force-group.patch diff --git a/samba-force-group.patch b/samba-force-group.patch new file mode 100644 index 0000000..2003b7a --- /dev/null +++ b/samba-force-group.patch @@ -0,0 +1,83 @@ +diff --git a/source/include/smb.h b/source/include/smb.h +index a98d151..56d9461 100644 +--- a/source/include/smb.h ++++ b/source/include/smb.h +@@ -597,6 +597,12 @@ typedef struct connection_struct { + */ + struct auth_serversupplied_info *server_info; + ++ /* ++ * If the "force group" parameter is set, this is the primary gid that ++ * may be used in the users token, depending on the vuid using this tid. ++ */ ++ gid_t force_group_gid; ++ + char client_address[INET6_ADDRSTRLEN]; /* String version of client IP address. */ + + uint16 vuid; /* vuid of user who *opened* this connection, or UID_FIELD_INVALID */ +diff --git a/source/smbd/conn.c b/source/smbd/conn.c +index 7f34d2b..a6eafcf 100644 +--- a/source/smbd/conn.c ++++ b/source/smbd/conn.c +@@ -145,6 +145,7 @@ find_again: + return NULL; + } + conn->cnum = i; ++ conn->force_group_gid = (gid_t)-1; + + bitmap_set(bmap, i); + +diff --git a/source/smbd/service.c b/source/smbd/service.c +index c39584a..5e75fce 100644 +--- a/source/smbd/service.c ++++ b/source/smbd/service.c +@@ -834,6 +834,14 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, + *pstatus = status; + return NULL; + } ++ ++ /* ++ * We need to cache this gid, to use within ++ * change_to_user() separately from the conn->server_info ++ * struct. We only use conn->server_info directly if ++ * "force_user" was set. ++ */ ++ conn->force_group_gid = conn->server_info->utok.gid; + } + + conn->vuid = (vuser != NULL) ? vuser->vuid : UID_FIELD_INVALID; +diff --git a/source/smbd/uid.c b/source/smbd/uid.c +index 119a155..02f8cc9 100644 +--- a/source/smbd/uid.c ++++ b/source/smbd/uid.c +@@ -256,6 +256,8 @@ bool change_to_user(connection_struct *conn, uint16 vuid) + + if((group_c = *lp_force_group(snum))) { + ++ SMB_ASSERT(conn->force_group_gid != (gid_t)-1); ++ + if(group_c == '+') { + + /* +@@ -268,15 +270,18 @@ bool change_to_user(connection_struct *conn, uint16 vuid) + int i; + for (i = 0; i < num_groups; i++) { + if (group_list[i] +- == conn->server_info->utok.gid) { +- gid = conn->server_info->utok.gid; ++ == conn->force_group_gid) { ++ conn->server_info->utok.gid = ++ conn->force_group_gid; ++ gid = conn->force_group_gid; + gid_to_sid(&conn->server_info->ptok + ->user_sids[1], gid); + break; + } + } + } else { +- gid = conn->server_info->utok.gid; ++ conn->server_info->utok.gid = conn->force_group_gid; ++ gid = conn->force_group_gid; + gid_to_sid(&conn->server_info->ptok->user_sids[1], + gid); + } -- 2.44.0